Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa
File: e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa (raw, json)
Hash identifier: FJnn1tG/sj8osWEaVHMSg5I1c4dzxUrDd7KAw4FzoGQ=
Subject key identifier: D0:7E:1F:C3:AE:25:79:FE:7D:AF:D4:26:E2:05:F7:92:55:D0:DA:F6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4ECD6CB21D823BA15ECCFC4E11D14A8162F91A3F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa
Signing time: Fri 26 Sep 2025 19:10:18 +0000
ROA not before: Fri 26 Sep 2025 19:10:18 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:cd:6c:b2:1d:82:3b:a1:5e:cc:fc:4e:11:d1:4a:81:62:f9:1a:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 26 19:10:18 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=a3368cd4dc19ea7529c9bb6f61165b8f5981e8fed57d5ecd3bf8cf0e6f7b896a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fa:76:d8:10:df:e2:f8:c5:0c:c6:11:0b:9f:
6f:89:22:a6:24:78:50:3e:4d:25:b0:eb:2b:dd:fc:
9d:7f:84:fc:8d:0d:61:bb:f2:9b:1d:25:a0:a0:1b:
61:c7:c4:cb:99:d0:04:a0:43:a8:57:88:a9:f1:ff:
b0:d7:cb:23:9c:ca:86:0e:48:18:c9:8e:a3:45:08:
78:66:73:b3:43:00:dd:c2:50:29:eb:0e:0e:49:7c:
2f:40:22:8f:bd:bf:6a:4a:f4:5b:7f:8e:7c:d9:e8:
43:44:67:5b:7b:ef:85:7b:81:b7:d9:26:ff:e9:c4:
f9:2a:e7:c9:41:7f:6d:4b:00:22:89:d2:d3:f8:7e:
cc:a3:03:d1:fa:b0:e8:4a:22:66:69:e9:1c:c7:17:
cb:17:d4:44:9f:d9:51:e0:60:e3:3c:c1:05:0c:86:
cd:8e:82:37:74:f8:51:14:d0:0e:b9:0f:c1:70:7b:
a2:30:f2:5c:f2:b4:52:fd:c2:7b:90:81:9f:9b:68:
1d:12:06:ca:3f:f3:18:1d:11:56:54:34:b1:1a:1d:
07:9e:a6:c3:32:b1:7f:de:96:18:da:8e:45:7e:80:
e3:b1:54:9a:65:b5:b9:7b:ff:78:85:88:0f:48:bb:
40:94:81:ff:53:f5:b7:56:32:4a:a2:e8:2f:c2:92:
a8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:7E:1F:C3:AE:25:79:FE:7D:AF:D4:26:E2:05:F7:92:55:D0:DA:F6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c040::/48
Signature Algorithm: sha256WithRSAEncryption
33:d8:6f:3b:c7:47:76:98:c0:f1:fc:81:46:b7:f6:0a:91:e7:
3f:a4:45:00:c2:74:fc:71:17:c7:6f:88:e5:83:c4:c9:03:10:
b8:f5:87:6a:7c:89:8a:c1:e3:38:19:2d:06:4b:5c:bc:02:6d:
e4:e1:b6:d0:3d:a3:9b:0a:38:26:59:64:46:2e:66:65:70:d2:
91:ee:36:8d:30:0f:e0:a9:41:4e:fb:8e:07:53:4c:83:a6:58:
44:19:74:8d:70:91:ee:56:07:93:6d:31:91:3a:7c:ec:9e:10:
49:10:80:79:51:9d:eb:e4:cb:16:68:52:5b:0d:92:31:19:9d:
57:5c:84:05:63:a2:35:07:4c:fa:12:09:5f:78:e1:96:96:7e:
38:67:2f:3f:cf:90:4f:6b:09:5d:e0:fc:89:99:b1:00:75:b8:
70:44:6d:e5:16:fe:f2:52:f6:0f:38:a0:29:e7:1d:e7:89:66:
4e:22:38:43:a7:3a:ef:37:cc:c6:08:81:50:7c:76:cf:21:3d:
4f:3b:82:34:bc:43:cc:55:b0:22:7c:ac:27:58:17:6b:5c:9b:
54:ee:35:92:2f:24:7a:39:63:66:82:59:f6:27:02:eb:65:c3:
43:64:86:8d:8b:c7:89:aa:29:7c:5d:60:2b:0d:c7:a8:71:be:
a7:ca:34:70
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTs1ssh2CO6FezPxOEdFKgWL5Gj8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MjYxOTEwMThaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzMzY4Y2Q0ZGMxOWVhNzUyOWM5YmI2ZjYxMTY1YjhmNTk4MWU4ZmVkNTdk
NWVjZDNiZjhjZjBlNmY3Yjg5NmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJr6dtgQ3+L4xQzGEQufb4kipiR4UD5NJbDrK938nX+E/I0NYbvymx0loKAb
YcfEy5nQBKBDqFeIqfH/sNfLI5zKhg5IGMmOo0UIeGZzs0MA3cJQKesODkl8L0Ai
j72/akr0W3+OfNnoQ0RnW3vvhXuBt9km/+nE+SrnyUF/bUsAIonS0/h+zKMD0fqw
6EoiZmnpHMcXyxfURJ/ZUeBg4zzBBQyGzY6CN3T4URTQDrkPwXB7ojDyXPK0Uv3C
e5CBn5toHRIGyj/zGB0RVlQ0sRodB56mwzKxf96WGNqORX6A47FUmmW1uXv/eIWI
D0i7QJSB/1P1t1YySqLoL8KSqDkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTQfh/D
riV5/n2v1CbiBfeSVdDa9jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTkzMWNhYTktY2E0ZS00MjhhLWFhM2MtM2FmMzZlZmFmYzhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADA
QDANBgkqhkiG9w0BAQsFAAOCAQEAM9hvO8dHdpjA8fyBRrf2CpHnP6RFAMJ0/HEX
x2+I5YPEyQMQuPWHanyJisHjOBktBktcvAJt5OG20D2jmwo4JllkRi5mZXDSke42
jTAP4KlBTvuOB1NMg6ZYRBl0jXCR7lYHk20xkTp87J4QSRCAeVGd6+TLFmhSWw2S
MRmdV1yEBWOiNQdM+hIJX3jhlpZ+OGcvP8+QT2sJXeD8iZmxAHW4cERt5Rb+8lL2
DzigKecd54lmTiI4Q6c67zfMxgiBUHx2zyE9TzuCNLxDzFWwInysJ1gXa1ybVO41
ki8kejljZoJZ9icC62XDQ2SGjYvHiaopfF1gKw3HqHG+p8o0cA==
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:18:55 2025 by rpki-client